Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/_R6PHQMcPitKIqCMsav78Tr_-As.roa
File: _R6PHQMcPitKIqCMsav78Tr_-As.roa (raw, json)
Hash identifier: W8SsRlIqrhE8KMtnU4Ry/xkOptPTvZmn1itMUChKhzo=
Subject key identifier: FD:1E:8F:1D:03:1C:3E:2B:4A:22:A0:8C:B1:AB:FB:F1:3A:FF:F8:0B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13FE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_R6PHQMcPitKIqCMsav78Tr_-As.roa
Signing time: Sat 13 Apr 2024 06:53:14 +0000
ROA not before: Sat 13 Apr 2024 06:53:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5118 (0x13fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 06:53:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FD1E8F1D031C3E2B4A22A08CB1ABFBF13AFFF80B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2e:d1:62:52:73:80:cb:7e:de:f2:50:c0:f6:
1e:5f:96:90:bc:d2:6d:a0:5c:7f:ea:b4:17:05:08:
56:c3:74:17:bf:f8:aa:86:77:2d:42:97:2d:12:9f:
69:9b:46:be:56:08:cd:f0:a5:2b:66:96:67:3c:0f:
7b:8b:51:7b:bf:8a:b5:36:e6:ed:ab:32:0e:3d:75:
1f:0c:db:ae:fe:12:24:b3:66:f0:e9:a2:eb:10:ac:
99:3e:b8:e0:1a:0c:d7:b8:d0:be:c8:fc:7e:36:60:
ca:b8:2c:19:9d:5f:e5:db:6d:85:8c:35:7e:05:e3:
fa:8c:1a:d1:fd:cf:85:98:8e:dd:9b:04:47:2b:99:
14:7f:54:e6:81:78:87:6e:65:a0:20:75:5d:72:0e:
56:1f:14:db:78:38:94:67:00:3b:65:24:86:c1:33:
47:80:b0:b7:4e:8a:5d:1e:b4:ca:98:19:ad:b4:66:
7d:25:b4:47:82:81:f6:28:6f:bd:cf:d8:ba:09:8a:
c9:eb:13:68:78:fb:e9:1b:bb:86:7a:0a:e5:99:5c:
2f:8e:15:81:91:db:e7:7b:65:cf:89:7f:11:8d:7e:
26:a6:49:5a:83:0f:3f:6b:38:af:f2:3c:b4:1a:3b:
06:0a:41:0a:75:d3:c3:ec:79:f2:84:b6:c6:19:23:
32:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1E:8F:1D:03:1C:3E:2B:4A:22:A0:8C:B1:AB:FB:F1:3A:FF:F8:0B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_R6PHQMcPitKIqCMsav78Tr_-As.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:fc:f2:95:6c:e6:02:a3:59:de:bd:66:3c:01:20:7e:96:21:
bb:b4:6c:78:fd:b7:dd:74:74:2b:09:b5:db:06:88:eb:a5:63:
4a:59:ef:f5:cb:34:e8:4d:8f:57:9b:d9:9a:0f:52:a6:7b:01:
ef:80:6f:51:84:6f:9d:d7:47:c8:73:81:82:d3:fe:ad:87:95:
fd:b7:bc:21:c3:36:83:69:44:2c:ee:60:7c:b7:dc:96:b9:8a:
8b:7c:eb:54:f9:f3:5f:4f:26:44:d4:4e:b5:d8:44:1e:b3:ff:
98:d4:17:19:29:fa:62:db:19:96:46:aa:2f:97:a0:2e:af:10:
f8:4f:ce:d3:a5:d2:19:96:f6:60:bf:34:18:22:d4:08:a7:41:
ce:8c:0d:ef:ce:f1:b2:2e:aa:bd:26:4f:af:00:af:91:82:a0:
eb:4b:05:ca:6b:71:f8:e3:86:4a:4b:2f:7f:20:70:cd:a3:dd:
91:ad:f6:40:1f:83:10:ec:c6:6b:79:78:db:f8:b2:a3:4b:6c:
67:a1:fb:ab:81:23:a2:49:2a:5c:43:93:01:6f:8e:4b:a1:a3:
b9:d5:25:47:bb:59:d2:36:b7:49:94:dd:32:8c:d4:b8:53:8d:
79:8a:3f:5e:c7:b9:68:4c:2f:9a:2a:55:a4:75:57:fb:bd:a9:
43:5f:aa:c8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
NjUzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZEMUU4RjFEMDMxQzNF
MkI0QTIyQTA4Q0IxQUJGQkYxM0FGRkY4MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgLtFiUnOAy37e8lDA9h5flpC80m2gXH/qtBcFCFbDdBe/+KqG
dy1Cly0Sn2mbRr5WCM3wpStmlmc8D3uLUXu/irU25u2rMg49dR8M267+EiSzZvDp
ousQrJk+uOAaDNe40L7I/H42YMq4LBmdX+XbbYWMNX4F4/qMGtH9z4WYjt2bBEcr
mRR/VOaBeIduZaAgdV1yDlYfFNt4OJRnADtlJIbBM0eAsLdOil0etMqYGa20Zn0l
tEeCgfYob73P2LoJisnrE2h4++kbu4Z6CuWZXC+OFYGR2+d7Zc+JfxGNfiamSVqD
Dz9rOK/yPLQaOwYKQQp108PsefKEtsYZIzL7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/R6PHQMcPitKIqCMsav78Tr/+AswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL19SNlBIUU1jUGl0S0lx
Q01zYXY3OFRyXy1Bcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgfzylWzmAqNZ3r1mPAEgfpYhu7RseP23
3XR0Kwm12waI66VjSlnv9cs06E2PV5vZmg9SpnsB74BvUYRvnddHyHOBgtP+rYeV
/be8IcM2g2lELO5gfLfclrmKi3zrVPnzX08mRNROtdhEHrP/mNQXGSn6YtsZlkaq
L5egLq8Q+E/O06XSGZb2YL80GCLUCKdBzowN787xsi6qvSZPrwCvkYKg60sFymtx
+OOGSksvfyBwzaPdka32QB+DEOzGa3l42/iyo0tsZ6H7q4EjokkqXEOTAW+OS6Gj
udUlR7tZ0ja3SZTdMozUuFONeYo/Xse5aEwvmipVpHVX+72pQ1+qyA==
-----END CERTIFICATE-----
Generated at Sat Apr 13 10:12:56 2024 by rpki-client on console-ams.rpki-client.org